856 matches found
OpenOffice EMF File Parser Remote Command Execution Vulnerability (Linux)
The host has OpenOffice installed and is prone to Remote Command Execution Vulnerability OpenVAS Vulnerability Test $Id: secpodopenofficeemffileparservulnlin.nasl 5122 2017-01-27 12:16:00Z teissa $ OpenOffice EMF File Parser Remote Command Execution Vulnerability Linux Authors: Antu Sanadi...
OpenOffice EMF File Parser Remote Command Execution Vulnerability (Windows)
The host has OpenOffice installed and is prone to Remote Command Execution Vulnerability OpenVAS Vulnerability Test $Id: secpodopenofficeemffileparservulnwin.nasl 5122 2017-01-27 12:16:00Z teissa $ OpenOffice EMF File Parser Remote Command Execution Vulnerability Windows Authors: Antu Sanadi...
CVE-2009-1383
The getdirective function in mathtex.cgi in mathTeX, when downloaded before 20090713, allows remote attackers to execute arbitrary commands via shell metacharacters in the dpi tag...
DSquare Exploit Pack: D2SEC_SYMIAO
Name| d2secsymiao ---|--- CVE| CVE-2009-1429 Exploit Pack| D2ExploitPack Description| Symantec Intel Alert Originator Service Command Execution Vulnerabilty Notes|...
DNS Tools (PHP Digger) - Remote Command Execution
DNS Tools PHP Digger Remote Command Execution + Discovered By SirGod + www.mortal-team.org + www.h4cky0u.org + Remote Command Execution - Vulnerable code in dig.php ------------------------------------------ $ns = $GET'ns'; system "dig @$ns $host $querytype";...
fttss 2.0 - Remote Command Execution
fttss 2.0 - Remote Command Execution :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ dunatstrcpy.pl fttss /tmp/dupa; HTTP/1.x 200 OK Date: Sun, 11 Jan 2009 16:24:57 GMT Server: Apache...
CVE-2008-3466
Microsoft Host Integration Server HIS 2000, 2004, and 2006 does not limit RPC access to administrative functions, which allows remote attackers to bypass authentication and execute arbitrary programs via a crafted SNA RPC message using opcode 1 or 6 to call the CreateProcess function, aka "HIS...
Authentication flaw
Microsoft Host Integration Server HIS 2000, 2004, and 2006 does not limit RPC access to administrative functions, which allows remote attackers to bypass authentication and execute arbitrary programs via a crafted SNA RPC message using opcode 1 or 6 to call the CreateProcess function, aka "HIS...
CVE-2008-1381
ZoneMinder before 1.23.3 allows remote authenticated users, and possibly unauthenticated attackers in some installations, to execute arbitrary commands via shell metacharacters in a crafted URL...
CVE-2007-2769
CVE-2007-2769 affects BES prior to 3.5.0 in OPeNDAP 4 (Hydrax) before 1.2.1. The issue arises from improper handling of compressed files, enabling remote attackers to upload arbitrary files or execute arbitrary commands via a crafted compressed file. No further details on exploit methods or fixed...
TWiki 4.0.4 - Configure Script Remote Code Execution (Metasploit)
This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artistic. The latest version of the...
newsReporter <= 1.1 (index.php) Remote Inclusion Vulnerability
Exploit for unknown platform in category web applications ============================================================== newsReporter Kurdish Security newsReporter v1.1 Remote Command Execution Freedom For Ocalan Contact : irc.gigachat.net kurdhack & www.PatrioticHackers.com Rish : High Class :...
phpWebSite <= 0.10.2 (hub_dir) Remote Commands Execution Exploit
Exploit for unknown platform in category web applications ================================================================ phpWebSite arbitrary local inclusion, works with magicquotesgpc = Off\r\n"; echo "by rgod, mail: email protected\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; if...
quizz 1.01 - quizz.pl Remote Command Execution
quizz 1.01 - quizz.pl Remote Command Execution !/usr/bin/perl quizz.p exploit by FOXMULDER [email protected] Vulnerability foud by WBYTE. Born to be root !!! !!!!!!!!!!!!!!!THANKS to WBYTE !!!!!!!!!!!!!!!!! FACT:Wbyte doesn't sleeps , he waits !. 0day use IO::Socket; use LWP::Simple; sub Usage pri...
WzdFTPD <= 0.5.4 (SITE) Remote Command Execution Exploit (meta)
No description provided by source. Reference: http://www.milw0rm.com/id.php?id=1231 kcope /str0ke Metasploit plugin for: Wzdftpd SITE Command Arbitrary Command Execution 2005 11 26 - David Maciejak package Msf::Exploit::wzdftpdsite; use base "Msf::Exploit"; use strict; use Pex::Text; my $advanced...
[badroot security] Community link pro web editor: Remote command Execution
BADROOT SECURITY GROUP Security Advisory 2005-0x05 http://www.badroot.org irc.us.azzurra.org badroot - - - - - - - - - - - - - - - - - - - - - - - - - Authors ....... spher3 spher3 at fatalimpulse dot net mozako admin at fatalimpulse dot net Date...
e107 ePing Plugin doping.php Arbitrary Code Execution
The installation of e107 on the remote host includes a version of the ePing plugin that is affected by a command execution vulnerability. This plugin fails to sanitize the 'epingcmd', 'epingcount' and/or 'epinghost' parameters of the 'doping.php' script before using them in a system call. An...
I-Mall Commerce (i-mall.cgi) Remote Command Execution Exploit
Exploit for cgi platform in category web applications ============================================================= I-Mall Commerce i-mall.cgi Remote Command Execution Exploit ============================================================= I-Mall explo Spawn bash style Shell with webserver uid Gree...
CVE-2004-1184
The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters...
CVE-2004-2425
Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to execute arbitrary commands via accent and possibly other shell metacharacters in the query string to virtualinput.cgi...